On 4/20/10 7:18 AM, Charles Pritchard wrote:
/ Proposed method:
/>>/ CanvasRenderingContext2D
/>/> resetOriginClean
/>/> throws SECURITY_ERR exception
/>>/
/>/> When resetOriginClean is executed, an implementation shall request elevated
/>/> privileges, and if granted, set the origin-clean flag of the canvas
/>/> element to true.
/>
Mozilla almost certainly not be willing to implement such a method.
-Boris


Well... as that idea has been torpedoed, what/where is current work
being done to unify privilege escalation?

...

Boris, you haven't provided me with any reasoning/room to address the issue.

In general use resetOriginClean would just throw a security error.
It'd only prompt the user for permissions in the same cases that 
enablePrivilege does.

I'm not looking to change nor circumvent the Mozilla browser security model, 
I'm just
trying to standardize the really awkward experience a trusted application has 
to go through
to grab permitted image data.

None of that is mentioned in the proposal, elevation is out of spec.
Most of the time, resetOriginClean would just return a security error,
and not prompt the user for anything.

....

Use Case:

The following gets me a clean ImageData object which I still
need to copy into a Canvas context (likely taking another chunk of RAM).

var resetOriginClean = function(o) {
        var dirty = document.createElement('canvas');
        dirty.width = o.width; dirty.height = o.height;
        (dirty = dirty.getContext('2d')).drawImage(o,0,0);
        var data;
        try {
                try { data = dirty.getImageData(0,0,o.width,o.height); }
                catch(e) {
                        
netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead");
                        data = dirty.getImageData(0,0,o.width,o.height);
                        
netscape.security.PrivilegeManager.revertPrivilege("UniversalBrowserRead");
                }
        } catch(e) {
                throw "Could not access file for reading. "+e;
                data = null;
        }
        return data;
}

Reply via email to